Insights For Success

Strategy, Innovation, Leadership and Security

Microsoft has launched an initiative to help individuals acquire new digital skills

GeneralEdward Kiledjian

Microsoft has launched an incredible new initiative powered by free learning content, low-cost certifications and job seeker tools to help 25 million individuals re-enter the workforce.

Microsoft has launched a new initiative that combines content from it's LinkedIn learning and Github entities, mixed with other content previously only available internally to Microsoft employees.

The purpose of this initiative is to help upskill or retool individuals that may have lost their jobs due to COVID. Microsoft is forecasting up to a quarter-billion unemployed individuals (globally) in 2020 due to COVID. Microsoft is using its proprietary data to identify the most in-demand jobs; it is building a curriculum from its various entities and is offers low-cost certifications.

You can access all of these resources and more at opportunity,linkedin.com.

Combining all of its employment and tech-related data, Microsoft believes that the ten most in-demand jobs (globally) over the next decade will be:

  1. Software developer

  2. Sales representative

  3. Project manager

  4. IT Administrator

  5. Customer service specialist

  6. Digital marketing specialist

  7. IT support

  8. Data analyst

  9. Financial analyst

  10. Graphic designer

Microsoft has designed a custom curriculum for each of these career paths and makes the training content available for free until March 2021.

The content is available in English, French, Spanish and German.

Each custom-designed curriculum path includes LinkedIn learning content. The curriculum may also include content from Microsoft Learn. To prove proficiency, Microsoft has made its new role-based certifications available for $15 (if you attest that COVID19 has impacted your job).

Microsoft blog

A Canadian company breaking Internet censorship 

GeneralEdward Kiledjian
china-3303411.jpg

Controlling the flow of information is a critical tool in the arsenal of despots, dictators and authoritarian regimes. Some countries want to block a handful of internet sites (Facebook, Instagram, Twitter, etc.) while others exert an almost inconceivable stranglehold on the internet (think Iran). 

When we think of censorship, the typical list that comes to mind is North Korea, Iran, China and Cuba. The list is much more worrisome than that and includes countries such as Bahrain, Ethiopia, India, Pakistan, Russia, Saudi Arabia, Sudan, Syria, United Arab Emirates and more. Other countries typically offer an open internet to their population except during major events like Egypt during the spring uprising. 

Enter Psiphon

Psiphon is a Canadian company that started at the Citizen Lab intending to design censorship busting technology. It is an open-source tool designed to allow citizens living in restrictive regimes to access "forbidden content easily." The basic version of Psiphon that is free for everyone forever without requiring is account is speed limited to 2Mb/s. You can earn (by watching promo advertising videos) or buy PsiCash, which allows you to unlock faster speeds for a certain amount of time (up to 5Mb/s).

Earning PsiCash

As an example, watching a 30-second video ad earns you 35 PsiCash. You can watch about 5 in a row (earning you 150 PsiCash). You can exchange 100 PsiCash for 1 hour of "speed boost."

This is likely how citizens of repressive regimes would use the tool. If you are willing to spend cash via the Google Play store, you can buy 1000 PsiCash for $0.99CAD (10 hours of "speed boost"), 5000 PsiCash for $4,99CAD (50 hours of "speed boost"), etc. Every chuck of "speed boost" you buy starts counting down once you activate it.

Screenshot_20200628-150726.jpg


If you want a more traditional monthly subscription with unlimited use, you can opt for a recurring subscription.

Screenshot_20200628-152114.jpg

Or you can opt for an onetime pass unlimited use pass (if you are travelling to one of the regions that censors the internet)

07-01-2020_Image3.jpg

Who are these monthly recurring subscriptions for? They are for regions where the population is much better off (think Saudi Arabia) or for users that work in environments where undesirable internet sites are blocked (e.g. corporations, universities, etc).

DNS Leak Tests

I conducted a bunch of DNS Leak tests on Windows & Android and didn't detect any leaks. On some tests, Google DNS servers did show up but these were proxies by Psiphon so your confidentiality is protected. 

Different App Versions

You can download Psiphon from the Google Play Store, from the Apple AppStore, from their website (for Android or Windows).
 
If you send an empty email to [email protected], they will respond with an automated response listing different AWS URLs you can download the client from. The purpose of this option is to make the download available from cloud providers that are typically allowed. 

07-01-2020_Image5.jpg

Some news-oriented newspapers blocked in certain regions recommend you use Psiphon to access them (BBC, The Intercept, etc.). These sites even set up the same type of email download link response service, to help you find Psiphon easier (e.g. The Intercept set up [email protected]).

Most platforms offer 2 versions of the Psiphon app (basic and Pro). The basic version is the all free version, capped at 2Mb/s and it comes with small ads.

The Pro version seems to have more prominent ads but offers the option to have them removed if you buy a monthly subscription. 

The subscription and "speed boost" pricing is only available in the app, and pricing is region-specific (The high-speed monthly subscription seems to be $9.99USD/$14.99CAD/£9.99.) 

Last year Psiphon offered a 30 day trial for the subscription but has now lowered the trial to 7 days. 

Ease of use

Once you install the app, you can immediately start the speed-limited service. It does not require any type of registration. This lack of red tape speeds up the process but also means any PsiCash you buy is bound to that device and that particular installation. If you clear the app cache or reinstall the app (even on the same device), you PsiCash is gone.

During my initial test, I sideloaded the app on Android and wasn’t shown ads during use. That behaviour may change, so your mileage may vary. The Google Play versions I installed did show me ads.

07-01-2020_Image6.jpg

You will notice a **Stats** menu option in the previous image; this shows you how much data you have uploaded and downloaded. This is less of a concern in industrialized regions, but many developing countries have expensive data plans. This **stats** option aims to help users make smarter data usage choices.


How secure is Psiphon?

This article will not be a technical evaluation discussion about their security; however, you should read this section to ensure you understand what it does and what it does not. Psiphon is, first and foremost, a censorship busting tool. It uses a variety of technologies to ensure they can bust through most of the time. They combine different technologies like always changing server IPs, a series of cascading protocols (SSH, VPN, handshake obfuscation, etc.) and other anti fingerprinting techniques.

These work excessively well. A buddy in China installed the Android version and freely accessed restricted sites (consistently over a test period of a week). All traffic from your device to the Psiphon servers is always encrypted, and they don't log any personally identifiable information. The last piece is that the software is open-source and can be inspected by anyone.

This service is NOT a replacement for other more common western VPNs like ExpressVPN, NordVPN, ProtonVPN, etc. Psiphon does a much better job of breaking through censorship controls. Still, it does not offer all of the privacy-protecting tools that traditional VPNs do (CyberSec DNS from Nord or the ability to control where you exit the network).

Psiphon does not claim to increase your privacy because they don't protect you from website fingerprinting, beacons on the web or other privacy destroying techniques.

Psiphon shares aggregated information with its commercial partners.

Use Psiphon is you need to break censorship controls.

If you need strong privacy, go TOR (TOR does not work in most censoring regions).

Conclusion

I read a ton of discussions about Psiphon on different social media sites from people claiming to in repressive regimes. Even with the fact it is slow, clunky and not the most beautiful app, it provides a critical service that nothing else seems to offer.

Most users benefit from the free version, and Psiphon doesn't have an army of support people waiting to chat with you or respond to your emails.

If you are in a country that controls the internet, try TOR first. If it doesn't work, then jump to Psiphon.

If you live in one of the western countries where we enjoy relatively unfettered access to the internet, you would be better served by a traditional VPN service.

Ed's favourite things - Best Qi wireless charger

GeneralEdward Kiledjian
fiber-optic-2749588.jpg

This is not a sponsored post, and links are not affiliated links. 

Most moderately priced (or higher) smartphones now come with wireless charging, which means it is a little luxury you can easily add to your everyday experience. 

When evaluating wireless Qi chargers, I only looked at the stand models because it allows you to use the device while it charges, and it makes finding the charging zone effortless. 

Over the years, I have tested hundreds of cables, chargers and wireless chargers and have concluded that Anker and Ravpower manufacture the most reliable units. After testing about 20 models available on Amazon, I wasn't surprised to find that the best units came from these two brands. 

The best wireless charger is the RAVPower Wireless Charging Stand (RP-PC069). The charge speed will depend on your smartphone (Androids will charge faster than iPhones), but the best in class wireless chargers perform 20-40% better than the cheaper competition. This unit delivers a constant 7.5 watts for iPhones and 10 watts for Android devices. 

rav1.png

The RavPower is a complete kit that includes the charging cradle, charger cable and the wall adapter. The RavPower has 2 coils which means you can place you charge your phone horizontally (to play games while charging) or vertically (to check messages or video chat).

Unlike cheap Chinese competitors, the Anker and RavPower units are certified by the Qi Power Association, so you know it will not damage your expensive smartphone. 

Additionally, the best units have dim lights (that won't bother you during sleep), and they don't make unusual noises. 

Be aware these items regularly sell out so keep checking their availability.

Anker1.png


If the RavPower isn't available and you need to buy something immediately, you can pick up the Anker PowerWave Stand. Anker includes the cable (micro-USB) but not the wall charger. It will deliver 5 watts for most devices and 10 watts to Samsung devices when paired with a QC2/3 certified wall plug. Expect it to perform 30% slower than the RavPower for most phones.

Don’t forget you will need a wall plug for this unit. You probably have one, but it you don’t take a look at this Anker QC2 unit.

Ed's favourite things - Best Password Manager

GeneralEdward Kiledjian
safe-913452.jpg

There is no shortage of password managers. Anytime you listen to a podcast or read an online blog post, you will probably be bombarded with ads for tools like Lastpass, Dashlane or 1Password. Add to that list the neverending supply of free password managers (Keepass, BitWarden, RoboForm, etc.)

Free isn’t bad

The truth is there are a lot of very good free password managers. These are great options for users that can't or don't want to spend money. I'll mention my favourite free pic later in the article.

Favourite paid password manager

Before jumping to 1Password a couple of years ago, I had been a paid Lastpass customer for about ten years. I started looking for an alternative because of irritants and an issue I experienced when I needed support, and Lastpass was unresponsive. Plus Lastpass is unrefined and a little clunky. After testing 10 of the best rated paid password managers, I chose 1Password.

Here is why I chose it and why it may be a good fit for you. It supports all the platforms I use, such as Windows, Macs, Chromebooks, iOS devices and Android devices. WatchTower is a great feature Lastpass didn't offer that ensures you aren't reusing passwords, that you are using strong passwords and that you aren't using passwords that are part of a site breach (therefore would already be on a list of passwords hackers would use first to break accounts).

Tell me more, please

1PasswordX for easier browser integration

As a ChromeOS user, 1Password was off-limits for many years because it did not have a self-contained browser extension. The original version of 1Password required that you install the full client on Mac and Windows to support their light browser plug-in. This changed with the release of a product called 1Password X. 1PasswordX works in Google Chrome, Microsoft Edge (Chromium version), Firefox and Opera (Chromium version). 1PasswordX offers all of the password management functionality without requiring any client installation so it also works on ChromeOS.

1Password uses multiple Vaults

1Password has implemented a password grouping concept called a Vault. A Vault is a container that stores all of your 1Password information. During installation, you create a default vault and everything is stored there automatically. But if you are also storing business information, you can create a separate Vault for those.

Another interesting use of Vaults is to improve travel security. We live in a world where our personal privacy is constantly under attack. Nowhere is this more true than when crossing an international border. Border agents can order you to unlock your device and your password vaults. Which would give them access to all of your sites and personal information. You can mark certain Vaults as safe for travel and store the less sensitive passwords here. If your device is inspected at a border crossing, only the vaults marked as safe for travel will appear.

Biometric support

All versions of 1Password support biometric authentication (depending on the features available on the platform of use). Since your main unlock password should be painfully long, this is a wonderful feature to enable on smartphones and tablets.

1Password for the security-conscious

Security is a balancing act competing with usability. My default, 1Password encrypted all of your information (on device) using AES256 before the blob is sent to their servers. This means that if their servers are ever compromised, your passwords are safe, as long as you are using a good strong, long password. You can and should read about their security model here.

If you want, you can be extra paranoid and configure 1Password not to sync the vaults to their servers. This means you can manually copy the encrypted vaults to your devices using whatever mechanism you want. For users that want this standalone model, 1Password does sell a standalone license for Windows and MacOS. Know that the standalone license does not include 1PasswordX. Most users should opt for the “normal” subscription model.

1Password for files

1Password (like Lastpass) gives you 1GB of encrypted cloud storage to store sensitive information you may need while out (think scans of passports, credit cards, health cards, tax papers, etc).

Support

1Password is a Canadian company with Canadian support. Believe it or not, getting in touch with a real human is very easy, not buried 32 levels deep like other products. Their online support site is clean, has well-written articles with nice screenshots and video walkthroughs. This one item sets them apart from many of their competitors.

1Password isn’t perfect

Perfection doesn’t exist in nature or the computer world. By default, the Vaults lock after 1o minutes of inactivity to protect your information. I think this is a desirable feature, but some may find it slightly annoying. You can change this setting but.. should you? I say keep it as is.

A little annoyance is acceptable in exchange for better security. Lastpass has a forever free version that meets the requirements of “normal” users. 1Password does not offer a free version (only a 30-day trial). I believe in paying for good products to encourage the developers and ensure the product survives.

What is the best free password manager?

I tested about ten free password managers while investigating what product I should be using daily. And after reading privacy policies, reading the security model documentation, I tested about ten free password managers while investigating what product I should be using on a daily basis. And after reading privacy policies, reading security whitepapers and testing the products, the winner is…. Bitwarden.

There are three features 1Password offers that differentiate it from Bitwarden. If you don’t need these features, then BitWarden may be a better option for you. The three features are:

  • WatchTower’s password checkup features

  • physical hardware security key support (e.g. Yubico)

  • 1GB of encrypted storage

BitwarDen has the essential features every password manager should offer, such as the ability to manually synchronize your data on as many devices as you want, the ability to store an unlimited number of passwords. The free version of BitWarden allows you to share select passwords with one other person (e.g. spouse or partner).

Bitwarden supports a wide range of devices such as Windows, macOS and Linux. It supports all major browsers with a plug-in (Chrome, Firefox, Opera, Microsoft Edge, Safari, Brace). On mobile, it supports both IOS and Android. If you are an uber-geek, BitWarden supports Command Line Interface to its vaults (CLI).

BitWarden uses similar vault security as 1Password but… it does not submit itself to independent security auditing as 1Password does.

BitWarden apps and plug-ins aren’t as polished as 1Password but they are highly functional.

Anytime we talk about free products, I am reminded of the saying “If you aren’t paying for the product, you are the product”. I read the BitWarden privacy policy, Nothing glaringly bad popped out. They don’t sell or share your data for commercial purposes. Although they do have the right to share some anonymized data.

You will get ads for their premium version in their free products, which is understandable. Remember that if you decide to pay, take a look at 1Password first.

Quickly uninstall apps from windows, even the sneaky ones

GeneralEdward Kiledjian

When you first started using your computer, it was silky smooth and fast. Now it is a sluggish mess.
Especially now that many of you are stuck at home, you may be trying new apps that turn out to be a disappointment.

  • How do you make sure you remove all the files when you uninstall that application?

  • Why doesn't the app you just installed have an uninstall option in add/remove applications?

The free app I am going to talk about will help with all of the above and more. It is called BCUninstaller.

What is BCUninstaller?

BCUninstaller stands for Bulk Crap Uninstaller and is a well designed tool to help remove any application, leftover files and more simply and quickly.

Many apps don’t have easy to find uninstaller options in the Windows Add/Remove Application applet but most leave behind a ton of garbage files. BCUninstaller uses its own appliction detection engine and has options to clean up “leftoer files”.

Here is a great video that shows how it works

Installing BCUninstaller is as simple as downloading the installer (from here) and then following the standard installation options.

Once the application installs, it will scan your computer and find all the installed applications. If you want to uninstall something, search for it using the search feature and then click on the uninstall button at the top.

It can detect these types of applications:

  • Normal registered applications (same as Programs and Features and many other uninstallers)

  • Hidden/protected registered applications

  • Applications with damaged or missing uninstallers

  • Portable applications (looks in common locations and on portable drives, configurable)

  • Chocolatey packages

  • Oculus games/apps

  • Steam games/apps

  • Windows Features

  • Windows Store apps (Universal Windows Platform apps)

  • Windows Updates Applications from all of these sources are treated the same - you can filter, export and automatically uninstall them in the same way.

To clean leftover files, click the Tools tab, then choose Clean up Program file folder and choose which discovered files you want to delete.